authorNIIBE Yutaka <gniibe@fsij.org>2022-06-24 08:59:31 +0900
committerNIIBE Yutaka <gniibe@fsij.org>2022-06-24 08:59:31 +0900
commit58c92098d053aae7c78cc42bdd7c80c13efc89bb (patch)
treebe9dd3832930970789a04234d14c4e17104b3b72
parent07722d89bac1a739b084b4412c3ff42e215d5968 (diff)
hmac,hkdf: Allow use of shorter salt for HKDF.
* cipher/md.c (prepare_macpads): Move the check to... * src/visibility.c (gcry_mac_setkey): ... here. * tests/t-kdf.c (check_hkdf): No failure is expected. -- GnuPG-bug-id: 6039 Fixes-commit: 76aad97dd312e83f2f9b8d086553f2b72ab6546f Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-rw-r--r--cipher/md.c3
-rw-r--r--src/visibility.c3
-rw-r--r--tests/t-kdf.c12
3 files changed, 4 insertions, 14 deletions
diff --git a/cipher/md.c b/cipher/md.c
index 4f4fc9bf..34336b5c 100644
--- a/cipher/md.c
+++ b/cipher/md.c
@@ -903,9 +903,6 @@ prepare_macpads (gcry_md_hd_t a, const unsigned char *key, size_t keylen)
{
GcryDigestEntry *r;
- if (fips_mode () && keylen < 14)
- return GPG_ERR_INV_VALUE;
-
if (!a->ctx->list)
return GPG_ERR_DIGEST_ALGO; /* Might happen if no algo is enabled. */
diff --git a/src/visibility.c b/src/visibility.c
index c98247d8..aee5bffb 100644
--- a/src/visibility.c
+++ b/src/visibility.c
@@ -946,6 +946,9 @@ gcry_mac_setkey (gcry_mac_hd_t hd, const void *key, size_t keylen)
if (!fips_is_operational ())
return gpg_error (fips_not_operational ());
+ if (fips_mode () && keylen < 14)
+ return GPG_ERR_INV_VALUE;
+
return gpg_error (_gcry_mac_setkey (hd, key, keylen));
}
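Review bot: The added FIPS check in gcry_mac_setkey returns the bare code `GPG_ERR_INV_VALUE`, while both neighbouring returns wrap their codes in `gpg_error ()`; for consistency the line should read `return gpg_error (GPG_ERR_INV_VALUE);`. The literal 14 deserves a comment such as `/* FIPS mode: reject MAC keys shorter than 112 bits (14 bytes). */` so the limit is tied to its requirement. With the check removed from prepare_macpads in cipher/md.c, any HMAC keying that reaches that function without passing through gcry_mac_setkey (presumably the gcry_md_setkey path) appears to lose the minimum key length enforcement in FIPS mode. That is the intent for HKDF salts, but it is worth confirming and documenting for callers that key HMAC directly through the md interface. The start of gcry_mac_setkey is outside the hunk.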
diff --git a/tests/t-kdf.c b/tests/t-kdf.c
index 4596c5c7..508e4bbe 100644
--- a/tests/t-kdf.c
+++ b/tests/t-kdf.c
@@ -1875,17 +1875,7 @@ check_hkdf (void)
info, infolen,
expectedlen, out);
if (err)
- {
- if (in_fips_mode && saltlen < 14)
- {
- if (verbose)
- fprintf (stderr,
- " shorter salt (%lu) rejected correctly in fips mode\n",
- saltlen);
- }
- else
- fail ("HKDF test %d failed: %s\n", count, gpg_strerror (err));
- }
+ fail ("HKDF test %d failed: %s\n", count, gpg_strerror (err));
else if (memcmp (out, expected, expectedlen))
{
fail ("HKDF test %d failed: mismatch\n", count);
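Review bot: With the FIPS branch removed from check_hkdf, nothing visible in this commit asserts that `gcry_mac_setkey` still rejects keys shorter than 14 bytes in FIPS mode now that the check has moved to src/visibility.c. If no MAC test already covers it, a case that calls `gcry_mac_setkey` with a short key under `in_fips_mode` and expects `GPG_ERR_INV_VALUE` would pin the relocated check against regression. check_hkdf begins and continues outside the hunk.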